MGASA-2016-0109

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2016-0109.html
Import Source
https://advisories.mageia.org/MGASA-2016-0109.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2016-0109
Upstream
Published
2016-03-10T23:37:43Z
Modified
2026-04-16T06:22:36.551008841Z
Summary
Updated flash-player-plugin packages fix security vulnerability
Details

Adobe Flash Player 11.2.202.577 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system.

This update resolves integer overflow vulnerabilities that could lead to code execution (CVE-2016-0963, CVE-2016-0993, CVE-2016-1010).

This update resolves use-after-free vulnerabilities that could lead to code execution (CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-1000).

This update resolves a heap overflow vulnerability that could lead to code execution (CVE-2016-1001).

This update resolves memory corruption vulnerabilities that could lead to code execution (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1005).

Adobe reports that an exploit for CVE-2016-1010 is being used in limited, targeted attacks.

References
Credits

Affected packages

Mageia:5 / flash-player-plugin

Package

Name
flash-player-plugin
Purl
pkg:rpm/mageia/flash-player-plugin?arch=source&distro=mageia-5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11.2.202.577-1.mga5.nonfree

Ecosystem specific 

{
    "section": "nonfree"
}

Database specific

source 
"https://advisories.mageia.org/MGASA-2016-0109.json"